Who we are

We are The Business Excellence Institute. Our website address is BusinessExcellence.org and you can find our contact information there.

The protection of your personal data is of great importance to us and we take it very seriously - anything else would be nothing like excellence and go against our values. This Privacy Statement is written to be as concise and easy to understand as possible. In it, the terms “the Institute”, “us”, “we” shall refer to The Business Excellence Institute, “member” shall mean a registered individual member of the Institute, and “Services” shall mean all services provided by the Institute.

We shall collect and process your Personal Data in accordance with the data protection laws of Ireland. Information you provide will be protected with industry standard protocols and technology.

This website

This website members.BusinessExcellence.org is the Institute’s Member Platform. It is used to provide some of the Institute’s services and can only be accessed (beyond the login, privacy statement, and terms and conditions pages) by members.

We collect and process Personal Data (which is any information related to an individual human being that can be used either directly or indirectly to identify the person). To become a member of The Business Excellence Institute you are obliged to agree to the practices described in this Privacy Statement, to give us permission to use your Personal Data as outlined, to and agree to our Terms & Conditions. However, you are not obliged to join.

Non-Members

What Personal Data we collect, why we collect it, and Permission you give for its Use

Like most websites, each time you access the site, log files record certain technical data and other information such as the time and date of your access is recorded. The legal basis for processing such data (to the extent that it is to be considered personal data) is “legitimate interests”, these legitimate interests arise from the fact that without such data the website cannot be accessed, we have an interest to continuously improve the website and its services, and to protect against fraud.

When a non-member contacts us, other than when applying to become a member, any additional Personal Data provided is optional and collected on the basis of consent. It is only used for the purposes for which it was supplied.

Where we store and process your data

Your data will be stored and processed in the EU.

Who we share your data with

Except as required by law (where the legal basis for sharing your data is legal obligation), your Personal Data will not be shared.

How long we retain your data

Your personal data will be retained for a maximum of 5 years.

What rights you have over your data

If you have submitted personal data to us, you have the right to request a copy of the personal data about you that we have stored and to request corrections if needed. You have the right to withdraw your consent that we process any data you have provided. You have the right to request that all personal data we hold, with the exception of any data we are obliged to keep for administrative purposes by law, be deleted.

You also have the right to lodge a complaint with us and/or your local data protection authority.

Individual Members and Applicants

What personal data we collect and why we collect it

We collect and keep your Personal Data solely to maintain your membership and to provide and improve the Services for which you have provided the data.

Some Personal Data is collected and processed by Contractual Necessity when you apply to become a member. Like most websites, each time you access the site, log files record certain technical data and other information such as the time and date of your access is recorded. The legal basis for processing such data (to the extent that it is to be considered personal data) is “legitimate interests”, these legitimate interests arise from the fact that without such data the website cannot be accessed, we have an interest to continuously improve the website and its services, and to protect against fraud. Any other Personal Data you provide is collected and processed on the basis of Consent.

The data collected and processed by Contractual Necessity for you to become a member of the Institute is: your name, email address, postal address, if you have less than or over 3 years professional working experience, your password for the Member Platform as well as a Security Question and Answer. Any other Personal Data you provide is optional and done so on the basis of your consent.

The membership application form highlights what Personal Data is collected by Contractual Necessity and what data is collected on the basis of consent. This Personal Data is used to:

  • assess membership applications and, where applicable, grant membership
  • provide access to the Member Platform
  • create a “member profile” for you which is an intrinsic part of having access to the Member Platform
  • provide you with Services

Member Platform Service Related Data

  • Groups

    The Member Platform includes discussion groups (Groups). Groups can be moderated by one or more moderators or can be un-moderated. For moderated Groups, the moderator(s) decide(s) whether it is open to all members or whether it is only accessible to a specific group of invited people.

    All posts in un-moderated groups, and moderated groups open to all members, can be read by all other members. Posts to private groups can only be read by those who have joined the group. If you include any personal data in a group discussion you are a “data controller” and are obliged to comply with Irish and EU personal data protection Law.

  • Events

    The Member Platform offers you the possibility to enter certain activities and events into its Events service in order to publicise them. The Events function enables you to (i) coordinate your events ("Arranged Events") with other members and/or with non-members and/or (ii) to publicise other events that you feel might be of interest to members ("Publicised Events").

    Each Arranged Event has an "Organizer". The Organizer decides if an event will be a "Private Event" or a "Public Event". Visibility of Private Events and their related information is restricted to those people who are invited to the event. The Organiser decides what information about the event is visible to those invited. This makes the organiser a “data controller”, obliged to comply with Irish and EU personal data protection Law.

    For Public Events, most event information is visible to all members. This information may include the Venue and an "Attendance List" that shows who is attending or might attend. If the event has people who have been specifically invited (or if members otherwise indicate that they will not attend) it also shows those who will not attend. The “Attendance List” will also show those who have not yet responded if they have been specifically invited.

    If an event has a Feedback Questionnaire, responses to the questionnaires are visible to the event Organiser. If the Organiser has selected to request feedback on an anonymous basis, responses are not linked to a respondent’s name, otherwise the Organiser may be traced to the respondent.

  • Surveys

    Members who conduct surveys control who may see a survey's questionnaire, distribution list (if any), and response data. All surveys are conducted on an anonymous basis unless the survey offers an option for respondents to provide identifying information such as their name. If you opt to conduct a survey that includes gathering personal data, you are the data controller and are obliged to comply with Irish and EU personal data protection Law.

  • ShareSafe

    The service allows you to create and manage “ShareSafe” folders which act as a temporary storage facility for files that you wish to send or receive from other members. Files stored in a ShareSafe are encrypted and by default only you have access to ShareSafe folders you create.

    You control who has access to each of your ShareSafe folders and the files they contain. You may grant your contacts "read-only access", "write-only access" or "read/write access" to each of your ShareSafe folders. If you opt to store personal data in a ShareSafe, you are a “data controller” and are obliged to comply with Irish and EU personal data protection Law.

  • Private Activity

    The Member Platform offers certain functionality such as your calendar, notepad, and bookmarks which you can use privately. What you do privately using these tools is not shared with other members unless you explicitly opt to share it with certain members.

Where we store and process your data

Your data will be stored and processed in the EU.

Who we share your data with

The majority of the Personal Data you provide us with is made available to members on the Member Platform as an integral part of your membership and can be viewed by all members wherever they are located in the world. The following Personal Data is accessible to other members without any restrictions:

  1. Name
  2. Country
  3. Name of Organisation (when applicable)
  4. Job title (if provided)
  5. Photo (if provided)

Your contact information is not shared with other members. If you provided a resume or CV when applying, it is not shared with other members (and will be deleted shortly after your membership is approved unless you request it be used in a qualification process or to help you in some other way). For security, your password is only stored after it has gone through a "one-way encryption" process (technically, this known as being "salted and hashed"), so we do not know it and can never disclose it.

Additional information which you may opt to provide will be made available to other members.

If we are contacted by somebody seeking to confirm your membership or the validity of a qualification issued by the Institute we will do so.

Any feedback or testimonial you provide with permission to make public, can be made public. Likewise, any photograph or video in which you feature can be made public with your permission.

Other than in the situations outlined above, except as required by law (where the legal basis for sharing your data is legal obligation), we will not share your Personal Data with any non-member.

The Member Platform, as part of its functioning, also captures some data that relates to you, such as contribution data (for example, any articles or tools you publish on the platform), discussion groups that you subscribe to, and the fact you view another member’s profile. This information is visible to others as part of the Services and to help them determine how active you are on the Member Platform and if you may be of benefit to one another.

How long we retain your data

You have control over how long most of your Personal Data is retained as, with the exception of testimonials, photos, and videos which you have given us permission to publicise, you can edit and delete data provided on the basis of your consent yourself.

Personal Data retained by Contractual Necessity will be retained for 8 years after your membership expires.

Testimonials, photos, and videos which you have given us permission to publicise will be retained indefinitely until such time as the Institute opts to delete them or you opt to revoke your consent. Any other Personal Data provided on the basis of your consent that you don’t delete yourself will be held for as long as you are a member and for up to 1 year following the termination of your membership (to facilitate those who allow their membership to lapse re-joining with ease).

What rights you have over your data

You have the right to request a copy of the personal data about you that we have stored. You can edit your personal data by logging into the Member Platform and editing your membership profile. You can also delete most of your personal data in a similar manner. You have the right to request that all personal data we hold, with the exception of any data we are obliged to keep for administrative purposes by law, be deleted (this may invalidate any Institute qualifications you have been issued).

You have the right to withdraw you consent that we process any data you have provided. You also have the right to lodge a complaint with us and/or your local data protection authority.

Cookies

Cookies are small files containing a very small amount of data that are used by most websites.

The Member Platform makes limited use of cookies. A "session cookie" is to identify your “session” during the course of a visit to the site so that you can browse securely without needing to continually re-enter your password. As such they are necessary for the services to work as designed. Session cookies expire and become invalid when you logout or shortly after you close your browser.

If you wish, you may enable automatic login for subsequent sessions (by selecting the "Remember me" option when you login). Enabling automatic login saves a cookie with part of your login data in encrypted form on your computer. If you opt to enable automatic login and store the cookie on your machine, access to certain pages - such as your "Settings" pages - will still require you to manually enter your password as an additional security measure.

Browsers normally delete session cookies when they are closed. You can remove cookies using tools provided for this in your browser.

Embedded content from other websites

Some pages on this site may include embedded content, such as videos. Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Log Files

Like most websites, each time you access the site, log files record certain technical data.

Analysis log files provides insight into things such as overall trends and when issues occur, what causes the problem, and how we can improve the quality of service to enhance your experience using the Member Platform. We may also review log files, where we have reasonable cause to believe that a member is using the service in breach of contractual agreements or applicable legislation.

Changes to this Privacy Statement

This Privacy Statement may change from time to time. It is accessible under the Privacy Statement link. If you have any concerns about this statement, please let us know using the Contact Us link provided on the website.